<!DOCTYPE html>
< html lang = "en" >
< head >
< meta charset = "utf-8" >
< meta http-equiv = "X-UA-Compatible" content = "IE=edge" >
< meta name = "viewport" content = "width=device-width, initial-scale=1.0" >
< meta name = "description" content = "" >
< meta name = "author" content = "" >
< link rel = "shortcut icon" href = "../../../../../../assets/img/favicon.png" >
< title > XMPP server (Gajim, OMEMO encryption, ejabberd .onion setup)< / title >
<!-- Bootstrap core CSS -->
< link href = "../../assets/css/bootstrap.css" rel = "stylesheet" >
< link href = "../../assets/css/xt256.css" rel = "stylesheet" >
<!-- Custom styles for this template -->
< link href = "../../assets/css/main.css" rel = "stylesheet" >
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- [if lt IE 9]>
< script src = "https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js" > < / script >
< script src = "https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js" > < / script >
<![endif]-->
< / head >
< body >
<!-- Static navbar -->
< div class = "navbar navbar-inverse-anon navbar-static-top" >
< div class = "container" >
< div class = "navbar-header" >
< button type = "button" class = "navbar-toggle" data-toggle = "collapse" data-target = ".navbar-collapse" >
< span class = "icon-bar" > < / span >
< span class = "icon-bar" > < / span >
< span class = "icon-bar" > < / span >
< / button >
< a class = "navbar-brand-anon" href = "\index.html" > nihilist`s Blog< / a >
< / div >
< div class = "navbar-collapse collapse" >
< ul class = "nav navbar-nav navbar-right" >
< li > < a href = "/about.html" > About< / a > < / li >
< li > < a href = "/blog.html" > Categories< / a > < / li >
< li > < a href = "https://blog.nowhere.moe/donate.html" > Donate< / a > < / li >
< li > < a href = "/contact.html" > Contact< / a > < / li >
< / ul >
< / div > <!-- /.nav - collapse -->
< / div >
< / div >
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
< div id = "anon2" >
< div class = "container" >
< div class = "row" >
< div class = "col-lg-8 col-lg-offset-2" >
< a href = "../anon.html" > Previous Page< / a > < / br > < / br > < p > < img src = "../../assets/img/user.png" width = "50px" height = "50px" > < ba > nihilist@mainpc - 2024-05-29< / ba > < / p >
< h1 > XMPP server (Gajim, OMEMO encryption, ejabberd .onion setup) < / h1 >
< p > In this tutorial we're going to cover how to set up an XMPP chat service over Tor. < / p >
< p > < u > Disclaimer:< / u > If you want this service to remain anonymous, make sure you at least keep < a href = "../sensitiveremotevshome/index.html" > Tor between you and the service< / a > , from the < a href = "../anonymousremoteserver/index.html" > VPS acquisition< / a > to actual service usage. < / p >
< / div >
< / div > <!-- /row -->
< / div > <!-- /container -->
< / div > <!-- /grey -->
<!-- +++++ Second Post +++++ -->
< div id = "anon3" >
< div class = "container" >
< div class = "row" >
< div class = "col-lg-8 col-lg-offset-2" >
< h2 > < b > Initial Setup < / b > < / h2 >
< p > First let's install the required packages, and then run the XMPP server using Docker (you can check the documentation < a href = "https://github.com/processone/docker-ejabberd/blob/master/ecs/README.md" > here< / a > ). We'll follow < a href = "https://landchad.net/ejabberd/" > Luke Smith's tutorial< / a > specifically:< / p >
< pre > < code class = "nim" >
apt install ejabberd -y
< / code > < / pre >
< p > Now we need the following domain names to point to your server:< / p >
< pre > < code class = "nim" >
nowhere.moe - Your XMPP hostname
xmpp.nowhere.moe - For mod_muc, Multi User Chats (MUCs)
upload.nowhere.moe - For mod_http_upload, file upload support
proxy.nowhere.moe - For mod_proxy65, SOCKS5 proxy support
pubsub.nowhere.moe - For mod_pubsub, publish-subscribe support (A fancier RSS)
< / code > < / pre >
< p > Then we edit the ejabberd config file accordingly:< / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [/srv]
→ vim /etc/ejabberd/ejabberd.yml
[...]
hosts:
  - nowhere.moe
[...]
  mod_muc:
    host: xmpp.nowhere.moe
[...]
< / code > < / pre >
< p > Next we need to obtain the TLS certificate for the xmpp.nowhere.moe domain; to do so we'll use acme.sh: < / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [~]
→ systemctl stop nginx ; acme.sh --issue --standalone -d xmpp.nowhere.moe -k 4096 ; systemctl start nginx
[Sun Jun 9 07:12:21 PM CEST 2024] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sun Jun 9 07:12:21 PM CEST 2024] Standalone mode.
[Sun Jun 9 07:12:21 PM CEST 2024] Creating domain key
[Sun Jun 9 07:12:23 PM CEST 2024] The domain key is here: /root/.acme.sh/xmpp.nowhere.moe/xmpp.nowhere.moe.key
[Sun Jun 9 07:12:23 PM CEST 2024] Single domain='xmpp.nowhere.moe'
[Sun Jun 9 07:12:25 PM CEST 2024] Getting webroot for domain='xmpp.nowhere.moe'
[Sun Jun 9 07:12:25 PM CEST 2024] Verifying: xmpp.nowhere.moe
[Sun Jun 9 07:12:25 PM CEST 2024] Standalone mode server
[Sun Jun 9 07:12:26 PM CEST 2024] Pending, The CA is processing your order, please just wait. (1/30)
[Sun Jun 9 07:12:30 PM CEST 2024] Pending, The CA is processing your order, please just wait. (2/30)
[Sun Jun 9 07:12:33 PM CEST 2024] Pending, The CA is processing your order, please just wait. (3/30)
[Sun Jun 9 07:12:37 PM CEST 2024] Success
[Sun Jun 9 07:12:37 PM CEST 2024] Verify finished, start to sign.
[Sun Jun 9 07:12:37 PM CEST 2024] Lets finalize the order.
[Sun Jun 9 07:12:37 PM CEST 2024] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1581078457/276884921497'
[Sun Jun 9 07:12:38 PM CEST 2024] Downloading cert.
[Sun Jun 9 07:12:38 PM CEST 2024] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/03a21dfde3a1a017ddaec55ef3c43a3cae0c'
[Sun Jun 9 07:12:39 PM CEST 2024] Cert success.
[...]
[Sun Jun 9 07:12:39 PM CEST 2024] Your cert is in: /root/.acme.sh/xmpp.nowhere.moe/xmpp.nowhere.moe.cer
[Sun Jun 9 07:12:39 PM CEST 2024] Your cert key is in: /root/.acme.sh/xmpp.nowhere.moe/xmpp.nowhere.moe.key
[Sun Jun 9 07:12:39 PM CEST 2024] The intermediate CA cert is in: /root/.acme.sh/xmpp.nowhere.moe/ca.cer
[Sun Jun 9 07:12:39 PM CEST 2024] And the full chain certs is there: /root/.acme.sh/xmpp.nowhere.moe/fullchain.cer
[ Datura ] [ /dev/pts/10 ] [~]
→ chown -R ejabberd:ejabberd /root/.acme.sh/xmpp.nowhere.moe
[ Datura ] [ /dev/pts/10 ] [~]
→ cat /etc/ejabberd/ejabberd.yml
[...]
certfiles:
  - "/root/.acme.sh/xmpp.nowhere.moe/fullchain.cer"
  ## ejabberd also needs the matching private key listed here
  - "/root/.acme.sh/xmpp.nowhere.moe/xmpp.nowhere.moe.key"
[...]
< / code > < / pre >
< p > Then we add the admin user in ejabberd.yml:< / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [~]
→ cat /etc/ejabberd/ejabberd.yml
[...]
acl:
  admin:
    user:
      - "nihilist"
[...]
< / code > < / pre >
< p > We also enable file uploads:< / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [~]
→ cat /etc/ejabberd/ejabberd.yml
[...]
  mod_http_upload:
    put_url: https://@HOST@:5443/upload
    docroot: /srv/xmpp/upload/
    custom_headers:
      "Access-Control-Allow-Origin": "https://@HOST@"
      "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS"
      "Access-Control-Allow-Headers": "Content-Type"
[...]
[ Datura ] [ /dev/pts/10 ] [~]
→ mkdir /srv/xmpp/upload/ -p
[ Datura ] [ /dev/pts/10 ] [~]
→ chown -R ejabberd:ejabberd /srv/xmpp/upload/
< / code > < / pre >
< p > We enable message archives too:< / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [~]
→ cat /etc/ejabberd/ejabberd.yml
[...]
  mod_mam:
    ## Mnesia is limited to 2GB, better to use an SQL backend
    ## For small servers SQLite is a good fit and is very easy
    ## to configure. Uncomment this when you have SQL configured:
    ## db_type: sql
    assume_mam_usage: true
    default: always
[...]
< / code > < / pre >
< p > Next, you can set up a coturn service for VoIP by following the tutorial < a href = "https://landchad.net/coturn/" > here< / a > , but in this case we'll use the same coturn service that we previously set up for the < a href = "../matrixnew/index.html" > Matrix server< / a > :< / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [~]
→ cat /etc/ejabberd/ejabberd.yml
[...]
  mod_stun_disco:
    secret: "DAWDDWADWADAWDWAWDDWAADWADWDWADWADWAAWDDWAWAD"
    services:
      -
        host: m.nowhere.moe
        type: stun
      -
        host: m.nowhere.moe
        type: turn
[...]
< / code > < / pre >
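< p > Added example (not from the original tutorial or from ejabberd's code): a Python sketch of the time-limited TURN credential scheme that a shared secret like the one above is used for, showing the issuing side and the check done on the TURN side. The secret, user id and timestamps are constructed values, and the username layout (expiry:id, as in the TURN REST API draft) is an assumption about this deployment. < / p >

```python
import base64
import hashlib
import hmac
import time

# Constructed sample value. Assumption: in a real deployment this is the
# `secret` from mod_stun_disco and equals coturn's static-auth-secret.
SHARED_SECRET = b"constructed-example-secret"


def _mac(secret: bytes, username: str) -> bytes:
    """base64(HMAC-SHA1(secret, username)), the password format of the draft."""
    digest = hmac.new(secret, username.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest)


def issue_credentials(secret: bytes, user_id: str, ttl: int, now: int) -> tuple[str, str]:
    """XMPP-server side: hand a client a TURN login that expires after ttl seconds."""
    username = f"{now + ttl}:{user_id}"  # expiry timestamp, then an opaque id
    return username, _mac(secret, username).decode()


def verify_credentials(secret: bytes, username: str, password: str, now: int) -> bool:
    """TURN side: recompute the MAC and reject malformed, expired or forged logins."""
    expiry, sep, _ = username.partition(":")
    if not sep or not (expiry.isascii() and expiry.isdigit()):
        return False  # no expiry prefix, so nothing bounds the credential
    if int(expiry) < now:
        return False  # credential has expired
    # Constant-time comparison of the recomputed and the presented password.
    return hmac.compare_digest(_mac(secret, username), password.encode())


if __name__ == "__main__":
    now = int(time.time())
    user, pw = issue_credentials(SHARED_SECRET, "hypothetical-user", 3600, now)
    print("username:", user)
    print("password:", pw)
    print("valid now:        ", verify_credentials(SHARED_SECRET, user, pw, now))
    print("valid in 2 hours: ", verify_credentials(SHARED_SECRET, user, pw, now + 7200))
    # Extending the expiry without knowing the secret invalidates the MAC.
    forged = f"{now + 10**6}:hypothetical-user"
    print("forged expiry:    ", verify_credentials(SHARED_SECRET, forged, pw, now))
```

< p > Anyone holding the secret can mint valid TURN logins, so it should be a long random value that is identical on both services and readable only by them. < / p >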
< p > Then we restart the ejabberd service:< / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [~]
→ systemctl restart ejabberd
[ Datura ] [ /dev/pts/10 ] [~]
→ systemctl status ejabberd
● ejabberd.service - robust, scalable and extensible realtime platform (XMPP server + MQTT broker + SIP service)
Loaded: loaded (/lib/systemd/system/ejabberd.service; enabled; preset: enabled)
Active: active (running) since Sun 2024-06-09 21:21:41 CEST; 6s ago
Docs: https://www.process-one.net/en/ejabberd/docs/
Main PID: 3664214 (sh)
Tasks: 116 (limit: 77002)
Memory: 111.9M
CPU: 3.022s
CGroup: /system.slice/ejabberd.service
< / code > < / pre >
< p > Now that the ejabberd service has restarted successfully, we can register the admin user:< / p >
< pre > < code class = "nim" >
[ Datura ] [ /dev/pts/10 ] [~]
→ ejabberdctl register nihilist nowhere.moe P@SSW0RD
User nihilist@nowhere.moe successfully registered
< / code > < / pre >
< / div >
< / div > <!-- /row -->
< / div > <!-- /container -->
< / div > <!-- /white -->
< div id = "anon2" >
< div class = "container" >
< div class = "row" >
< div class = "col-lg-8 col-lg-offset-2" >
< h2 > < b > Setup< / b > < / h2 > < / br > < / br >
< p > Now the XMPP server is active, along with your nihilist user, so let's connect to it from an XMPP client like Gajim:< / p >
< pre > < code class = "nim" >
[ mainpc ] [ /dev/pts/8 ] [~]
→ sudo apt install gajim -y
< / code > < / pre >
< img src = "1.png" class = "imgRz" >
< / div >
< / div > <!-- /row -->
< / div > <!-- /container -->
< / div > <!-- /white -->
<!-- +++++ Footer Section +++++ -->
< div id = "anonb" >
< div class = "container" >
< div class = "row" >
< div class = "col-lg-4" >
< h4 > Nihilism< / h4 >
< p >
Until there is Nothing left.
< / p >
< / div > <!-- /col - lg - 4 -->
< div class = "col-lg-4" >
< h4 > My Links< / h4 >
< p >
< a target = "_blank" rel = "noopener noreferrer" href = "http://blog.nowhere.moe/rss/feed.xml" > RSS Feed< / a > < br / > < a target = "_blank" rel = "noopener noreferrer" href = "https://matrix.to/#/#nihilism:m.nowhere.moe" > Matrix Chat< / a > < br / >
< / p >
< / div > <!-- /col - lg - 4 -->
< div class = "col-lg-4" >
< h4 > About nihilist< / h4 >
< p style = "word-wrap: break-word;" > < u > Donate XMR:< / u > 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8< / p > < / br > < p > < u > Contact:< / u > nihilist@nowhere.moe (< a href = "https://nowhere.moe/nihilist.pubkey" > PGP< / a > )< / p >
< / div > <!-- /col - lg - 4 -->
< / div >
< / div >
< / div >
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
< / body >
< / html >